No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


IPsec VPN with IPAD VPN client on USG Firewall

Publication Date:  2013-11-22 Views:  1854 Downloads:  0

Issue Description

Customer was not able to create VPN tunnel between USG2260 firewall and Apple device because Apple has different default settings for IPsec, and the settings can not be changed on Apple devices especially IPADs. 

Alarm Information


Handling Process

We did some research to find out what Apple devices use for their IPsec settings.
found out following settings :

Ike encryption: 3DES
Authentication algorithm: SHA-1 (default for Huawei)
Authentication method: pre-share key (default for Huawei)
DH: group2

IPSec mode: transport mode
IPSec encryption: 3DES
IPSec Authentication algorithm: MD5 (default for Huawei)

we applied the setting on the USG firewall and customer was able create the VPN tunnel.

Root Cause

we had to figure out the default settings for Apple devices for IPSec.


Apple uses different default settings for IPSec VPN and it can not be changed on their devices, so we need to apply their settings on Huawei firewall to create the VPN tunnel.